CVE-2018-6515

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-6515

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-6515.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-6515

Published

2018-06-11T20:29:00.360Z

Modified

2026-02-03T07:02:14.125786Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation.

References

https://puppet.com/security/cve/CVE-2018-6515

Affected packages

Git / github.com/puppetlabs/puppet

Affected ranges

Type: GIT
Repo: https://github.com/puppetlabs/puppet
Events: Introduced

384311c359e43ac56cbb937fca9aba82068fd2d6

Fixed

7d7fb2e8559571a2da4b6a597c41c0e71a20be78

Introduced

ceec9d2b6ab716cf90c2f8f4384632ebd1afc338

Fixed

e6b2d096b681ce8da25388e8a26362dca555f3a8

Affected versions

4.*

4.10.10

4.10.11

4.10.12

4.10.9

5.*

5.3.0

5.3.1

5.3.2

5.3.3

5.3.4

5.3.5

5.3.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-6515.json"

Git / github.com/puppetlabs/puppet-agent

Affected ranges

Type: GIT
Repo: https://github.com/puppetlabs/puppet-agent
Events: Introduced

b751de70df995fc1a19f279311df406888bb7031

Fixed

5c3d217d07a53addbb33d773f58487aa34ca425e

Introduced

bc91a33c60c94e793a6cf5e69795b10db5d49ead

Fixed

7d562b4006028400529d9186d44d0b959ead4628

Introduced

30e7527755d31f12da8cbc58cd71b783fbfab01e

Fixed

dd5cea7aaa6ff7e4618f4f0391bf2e72a123a993

Affected versions

1.*

1.10.11

1.10.12

1.10.13

5.*

5.3.6

5.3.7

5.5.0

5.5.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-6515.json"